#2 BlueToad server hack

Digital publishing company BlueToad in September revealed that the unique identifiers of some 1 million Apple iOS devices that hackers leaked were swiped from its servers. The Company’s CEO Paul DeHart’s admitted that his company was the victim of hacking that helped to clear suspicion from the FBI, which the Antisec-affiliated hacking group claimed to have taken the UDIDs from. In an interview with MSNBC DeHart said that his company did change its code to comply with stricter Apple guidelines earlier this year, but that the hackers got access to information stored via older code.

DeHart wrote in a blog post that: "We sincerely apologize to our partners, clients, publishers, employees and users of our apps. We take information security very seriously and have great respect and appreciation for the public's concern surrounding app and information privacy. BlueToad does not collect, nor have we ever collected, highly sensitive personal information like credit cards, social security numbers or medical information. The illegally obtained information primarily consisted of Apple device names and UDIDs - information that was reported and stored pursuant to commercial industry development practices."

#1 Path goes down wrong privacy path

Path, a social journal app for iPhone and Android devices, apologized in February after the report that the company was grabbing iPhone contact info and sticking it on its own servers. CEO Dave Morin wrote: "We made a mistake. Over the last couple of days users brought to light an issue concerning how we handle your personal information on Path, specifically the transmission and storage of your phone contacts. Through the feedback we've received from all of you, we now understand that the way we had designed our 'Add Friends' feature was wrong. We are deeply sorry if you were uncomfortable with how our application used your phone contacts."

It did not end their, more revelations that include the names of biggies like Twitter, Facebook and Foursquare, about doing the same stuff.  Apple cleared the air saying it took steps to require app makers whose wares are in its App Store to ask permission if they want to take contact info.